audit: no nested contexts anymore...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

audit: no nested contexts anymore...
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
c62d773a · Al Viro · 6b94631f · c62d773a
Commit c62d773a authored Oct 20, 2012 by Al Viro
Hide whitespace changes
Inline Side-by-side

Showing with 21 additions and 81 deletions

kernel/auditsc.c kernel/auditsc.c +21 -81

No files found.
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -200,7 +200,6 @@ struct audit_context {
 	struct list_head    names_list;	/* anchor for struct audit_names->list */
 	char *		    filterkey;	/* key for rule that triggered record */
 	struct path	    pwd;
-	struct audit_context *previous; /* For nested syscalls */
 	struct audit_aux_data *aux;
 	struct audit_aux_data *aux_pids;
 	struct sockaddr_storage *sockaddr;
@@ -1091,29 +1090,13 @@ int audit_alloc(struct task_struct *tsk)
 static inline void audit_free_context(struct audit_context *context)
 {
-	struct audit_context *previous;
+	audit_free_names(context);
-	int		     count = 0;
+	unroll_tree_refs(context, NULL, 0);
+	free_tree_refs(context);
-	do {
+	audit_free_aux(context);
-		previous = context->previous;
+	kfree(context->filterkey);
-		if (previous || (count &&  count < 10)) {
+	kfree(context->sockaddr);
-			++count;
+	kfree(context);
-			printk(KERN_ERR "audit(:%d): major=%d name_count=%d:"
-			       " freeing multiple contexts (%d)\n",
-			       context->serial, context->major,
-			       context->name_count, count);
-		}
-		audit_free_names(context);
-		unroll_tree_refs(context, NULL, 0);
-		free_tree_refs(context);
-		audit_free_aux(context);
-		kfree(context->filterkey);
-		kfree(context->sockaddr);
-		kfree(context);
-		context  = previous;
-	} while (context);
-	if (count >= 10)
-		printk(KERN_ERR "audit: freed %d contexts\n", count);
 }
 void audit_log_task_context(struct audit_buffer *ab)
@@ -1783,42 +1766,6 @@ void __audit_syscall_entry(int arch, int major,
 	if (!context)
 		return;
-	/*
-	 * This happens only on certain architectures that make system
-	 * calls in kernel_thread via the entry.S interface, instead of
-	 * with direct calls.  (If you are porting to a new
-	 * architecture, hitting this condition can indicate that you
-	 * got the _exit/_leave calls backward in entry.S.)
-	 *
-	 * i386     no
-	 * x86_64   no
-	 * ppc64    yes (see arch/powerpc/platforms/iseries/misc.S)
-	 *
-	 * This also happens with vm86 emulation in a non-nested manner
-	 * (entries without exits), so this case must be caught.
-	 */
-	if (context->in_syscall) {
-		struct audit_context *newctx;
-#if AUDIT_DEBUG
-		printk(KERN_ERR
-		       "audit(:%d) pid=%d in syscall=%d;"
-		       " entering syscall=%d\n",
-		       context->serial, tsk->pid, context->major, major);
-#endif
-		newctx = audit_alloc_context(context->state);
-		if (newctx) {
-			newctx->previous   = context;
-			context		   = newctx;
-			tsk->audit_context = newctx;
-		} else	{
-			/* If we can't alloc a new context, the best we
-			 * can do is to leak memory (any pending putname
-			 * will be lost).  The only other alternative is
-			 * to abandon auditing. */
-			audit_zero_context(context, context->state);
-		}
-	}
 	BUG_ON(context->in_syscall || context->name_count);
 	if (!audit_enabled)
@@ -1881,28 +1828,21 @@ void __audit_syscall_exit(int success, long return_code)
 	if (!list_empty(&context->killed_trees))
 		audit_kill_trees(&context->killed_trees);
-	if (context->previous) {
+	audit_free_names(context);
-		struct audit_context *new_context = context->previous;
+	unroll_tree_refs(context, NULL, 0);
-		context->previous  = NULL;
+	audit_free_aux(context);
-		audit_free_context(context);
+	context->aux = NULL;
-		tsk->audit_context = new_context;
+	context->aux_pids = NULL;
-	} else {
+	context->target_pid = 0;
-		audit_free_names(context);
+	context->target_sid = 0;
-		unroll_tree_refs(context, NULL, 0);
+	context->sockaddr_len = 0;
-		audit_free_aux(context);
+	context->type = 0;
-		context->aux = NULL;
+	context->fds[0] = -1;
-		context->aux_pids = NULL;
+	if (context->state != AUDIT_RECORD_CONTEXT) {
-		context->target_pid = 0;
+		kfree(context->filterkey);
-		context->target_sid = 0;
+		context->filterkey = NULL;
-		context->sockaddr_len = 0;
-		context->type = 0;
-		context->fds[0] = -1;
-		if (context->state != AUDIT_RECORD_CONTEXT) {
-			kfree(context->filterkey);
-			context->filterkey = NULL;
-		}
-		tsk->audit_context = context;
 	}
+	tsk->audit_context = context;
 }
 static inline void handle_one(const struct inode *inode)